You client should redirect the user to the following URL:
And the required GET parameters:
client_id- Provided when registered the app
redirect_uri- As configured on your app
resonse_type- must be code
scope: Can be any of the following:
identityfor user profile info and
brasfor list of the user's bras and information
Bratabase will show the user an authorization screen to the user. If the user isn't logged in, they'll be asked to first log in to the site and then the authorization screen will show. It will contain the app information registered in the client ID.
Up on user's authorization, the browser will be redirected back to the specified
redirect_uri containing the authorization code which your app should then negotiate back to the token URL:
Bratabase will provide your app a token URL which you should then use in your requests to obtain this user's information. This token should be stored in your database next to the user's ID.
The user has control of their tokens and can revoke them at any time.